Hi
currently the buffer size parameter for av_strlcpy() (and friends)
is unsigned this makes sense and is logic but it has a flaw
that is if a negative value is mistakely used something very bad happens
how can a negative value be assigned?
av_strlcpy(... FFMIN(buf_size, something))
with something being <0 and buf_size signed
i propose that we add a check to the functions so that they treat
sizes > INT_MAX like 0 (or a equivalent simpler solution)
comments welcome...
--
Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
I hate to see young programmers poisoned by the kind of thinking
Ulrich Drepper puts forward since it is simply too narrow -- Roman Shaposhnik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20070929/518bd302/attachment.pgp>